Abstract
The sudden increase in employees working primarily or even exclusively at home has generated unique societal and economic circumstances which makes the protection of information assets a major problem for organizations. The application of security policies is essential for mitigating the risk of social engineering attacks. However, incorporating and enforcing successful security policies in an organization is not a straightforward task. To that end, this paper develops a model of Social Engineering InfoSec Policies (SE-IPs) and investigates the incorporation of those SE-IPs in organizations. This paper proposes a customizable model of SE-IPs that can be adopted by a wide variety of organizations. The authors designed and distributed a survey to measure the incorporation level of formal SE-IPs in organizations. After collecting and analyzing the data which included over fifteen hundred responses, the authors found that on average, organizations incorporated just over fifty percent of the identified formal Social Engineering InfoSec Policies.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
